package cn.autumnorange;

import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;

//WebSecurityConfigurerAdapter 会对需要认证的资源进行跳转至授权服务器
@EnableOAuth2Sso
@Configuration
public class AppWebSecurityConfigurerAdapter
        extends ResourceServerConfigurerAdapter
//        extends WebSecurityConfigurerAdapter
{

  @Override
  public void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests()
            //        .antMatchers("/login", "/oauth/**")
            //        .permitAll()
            .antMatchers("/wushaofeng")
            .authenticated()
            //                .anyRequest()
            //                .authenticated()
            .and()
            .csrf()
            .disable()
            .cors()
            .disable();
  }
}
